11 Apr
2011
11 Apr
'11
11:53 p.m.
So how would I set up my group rights in this scenario? I've tried this out
and I can't seem to get it to work.
SpaceMain -> everyone should be able to see
SpaceOne -> only users in GroupOne can see. No one else may see this space,
Non-grouped or spacetwo users.
SpaceTwo -> only users in GroupTwo and use. No one else may see this space,
Non-grouped or spaceone users.
I've tried denying GroupOne & AllGroup from SpaceTwo but a GroupTwo member
isn't being allowed to see.
Joel Schuster
joel.schuster(a)opsysinc.com
719-510-0181
12 Apr
12 Apr
8:31 a.m.
Hi Joel,
On 04/12/2011 12:53 AM, Joel Schuster wrote:
So how would I set up my group rights in this scenario? I've tried this out
and I can't seem to get it to work.
SpaceMain -> everyone should be able to see
SpaceOne -> only users in GroupOne can see. No one else may see this space,
Non-grouped or spacetwo users.
SpaceTwo -> only users in GroupTwo and use. No one else may see this space,
Non-grouped or spaceone users.
I've tried denying GroupOne& AllGroup from
SpaceTwo but a GroupTwo member
isn't being allowed to see.
Have you tried to explicitly allow view/edit to SpaceOne for GroupOne
and to SpaceTwo for GroupTwo? I think an explicit allow means deny for
all the rest, but I haven't tried.
Hope this helps,
Marius
Joel Schuster
joel.schuster(a)opsysinc.com
719-510-0181
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
9:40 a.m.
On Tue, Apr 12, 2011 at 08:31, Marius Dumitru Florea
<mariusdumitru.florea(a)xwiki.com> wrote:
Hi Joel,
On 04/12/2011 12:53 AM, Joel Schuster wrote:
Yes giving a right for a group/user implicitly remove it for others.
So how would I set up my group rights in this scenario? I've tried this out
and I can't seem to get it to work.
SpaceMain -> everyone should be able to see
SpaceOne -> only users in GroupOne can see. No one else may see this space,
Non-grouped or spacetwo users.
SpaceTwo -> only users in GroupTwo and use. No one else may see this space,
Non-grouped or spaceone users.
I've tried denying GroupOne& AllGroup
from SpaceTwo but a GroupTwo member
isn't being allowed to see.
Have you tried to explicitly allow view/edit to SpaceOne for GroupOne
and to SpaceTwo for GroupTwo? I think an explicit allow means deny for
all the rest, but I haven't tried.
Hope this helps,
Marius
--
Thomas Mortagne
Joel Schuster
joel.schuster(a)opsysinc.com
719-510-0181
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
2:26 p.m.
I believe that I have this working now. I'm not sure I understand why, but it does
seem to work. What I can say is that I did not use 'remove' right, only add.
- Joel
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On
Behalf Of Thomas Mortagne
Sent: Tuesday, April 12, 2011 1:40 AM
To: XWiki Users
Subject: Re: [xwiki-users] Users in Multiple Groups.
On Tue, Apr 12, 2011 at 08:31, Marius Dumitru Florea
<mariusdumitru.florea(a)xwiki.com> wrote:
Hi Joel,
On 04/12/2011 12:53 AM, Joel Schuster wrote:
Yes giving a right for a group/user implicitly remove it for others.
So how would I set up my group rights in this scenario? I've tried
this out and I can't seem to get it to work.
SpaceMain -> everyone should be able to see
SpaceOne -> only users in GroupOne can see. No one else may see this
space, Non-grouped or spacetwo users.
SpaceTwo -> only users in GroupTwo and use. No one else may see this
space, Non-grouped or spaceone users.
I've tried denying GroupOne& AllGroup
from SpaceTwo but a GroupTwo
member isn't being allowed to see.
Have you tried to explicitly allow view/edit to SpaceOne for GroupOne
and to SpaceTwo for GroupTwo? I think an explicit allow means deny for
all the rest, but I haven't tried.
Hope this helps,
Marius
--
Thomas Mortagne
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Joel Schuster
joel.schuster(a)opsysinc.com
719-510-0181
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
2:46 p.m.
On 04/12/2011 02:26 PM, Joel Schuster wrote:
I believe that I have this working now. I'm not
sure I understand why, but it does seem to work. What I can say is that I did not use
'remove' right, only add.
Deny rights are stronger than allow rights.
Since all members of GroupTwo are also members of AllGroup, they are
also denied access. Thus, setting "deny" on AllGroup really means that
nobody can view that space.
As for why it works, as others already said, if someone has "allow",
then everybody else implicitly is denied. If you say that GroupOne is
allowed to view, this translates into "only GroupOne is allowed to view".
Also note that there's no inheritance between rights, so also set the
same rights for edit and comment as well, since otherwise users in
GroupTwo will be able to edit documents, although they cannot view them.
- Joel
> -----Original Message-----
> From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On
> Behalf Of Thomas Mortagne
> Sent: Tuesday, April 12, 2011 1:40 AM
> To: XWiki Users
> Subject: Re: [xwiki-users] Users in Multiple Groups.
>
> On Tue, Apr 12, 2011 at 08:31, Marius Dumitru Florea
> <mariusdumitru.florea(a)xwiki.com> wrote:
>> Hi Joel,
>>
>> On 04/12/2011 12:53 AM, Joel Schuster wrote:
>>>
>>>
>>> So how would I set up my group rights in this scenario? I've tried
>>> this out and I can't seem to get it to work.
>>>
>>>
>>>
>>> SpaceMain -> everyone should be able to see
>>>
>>> SpaceOne -> only users in GroupOne can see. No one else may see this
>>> space, Non-grouped or spacetwo users.
>>>
>>> SpaceTwo -> only users in GroupTwo and use. No one else may see this
>>> space, Non-grouped or spaceone users.
>>>
>>>
>>>
>>
>>> I've tried denying GroupOne& AllGroup from SpaceTwo but a GroupTwo
>>> member isn't being allowed to see.
>>
>> Have you tried to explicitly allow view/edit to SpaceOne for GroupOne
>> and to SpaceTwo for GroupTwo? I think an explicit allow means deny for
>> all the rest, but I haven't tried.
>
> Yes giving a right for a group/user implicitly remove it for others.
>
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
5003
days inactive
5004
days old
4 comments
4 participants
participants (4)
-
Joel Schuster -
Marius Dumitru Florea -
Sergiu Dumitriu -
Thomas Mortagne